Annex DoS

From: Albert Nubdy (formatezat_private)
Date: Sat Jul 25 1998 - 17:10:21 PDT


    -----BEGIN PGP SIGNED MESSAGE-----
    
                                   Redes2 Security Team
                                    --------------------
                                       .DO Underground
    
    
    PROBLEM
    =======
    
      We have found several DoS attacks against Annex terminal servers
    from Xylogics (Bay).
    
    
    DETAILS
    =======
    
      The first attack is about the ping program on the webserver. They
    designed the /ping program to take only 64 chars in the hostname part.
    They prevented people from inserting more than 64 by limiting it in the
    page on the webserver (/ping.html). But if you do a:
    http://annex.server.here/ping?query=a lot of aaaaaa's here (more than 64)
    then the annex server goes BOOM!
    
      The second attack is with the land attack. Maybe when they tried the
    land attack on the annex servers they thought it didn't work. But it
    does... The problem is that when you do 1 land attack the CPU only
    rises to 50 percent. Now if you do 2 land attacks consecutively then the
    annex server freezes because the CPU rises to 100%. I didn't make any
    programs for this because you only have to do a shell script that
    executes your land program at least two or three times.
    
    FIX
    ===
    
      We notified Bay a month ago. They have not responded yet.
    
    
    Credits:
    wh0is, speed1, lizard.
    
    ========================================|
    Albert Nubdy | formatezat_private |
    FormateZ@undernet                       |
    - ----------------------------------------|
    -----BEGIN PGP SIGNATURE-----
    Version: PGPfreeware 5.5.3i for non-commercial use <http://www.pgpi.com>
    
    iQA/AwUBNbqefVRmALifgPyqEQIvLACeOPojXC2FqVgsO688XIBGINVNEDMAnR5r
    WpUM+RDMkvaCMEmMkzqVNt5h
    =HPOk
    -----END PGP SIGNATURE-----
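
Added example, not part of the original post: a log check for the first issue, flagging /ping requests whose `query` value exceeds the 64 characters that only the HTML form enforces. It assumes the requests are recorded in Common Log Format by a proxy or sensor in front of the Annex; the sample lines and addresses are constructed.

```python
import re
from urllib.parse import urlsplit, unquote_plus

MAX_HOST_LEN = 64  # limit the post says /ping was designed for

# Common Log Format (assumed): src ident user [time] "METHOD target PROTO" ...
_REQ = re.compile(r'^(?P<src>\S+) .*?"[A-Z]+ (?P<target>\S+)[^"]*"')

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [25/Jul/1998:17:00:01 -0700] '
    '"GET /ping?query=gw.example.net HTTP/1.0" 200 512',
    '192.0.2.77 - - [25/Jul/1998:17:00:05 -0700] '
    '"GET /ping?query=' + "a" * 200 + ' HTTP/1.0" 200 0',
    '192.0.2.10 - - [25/Jul/1998:17:00:09 -0700] '
    '"GET /ping.html HTTP/1.0" 200 1024',
    '192.0.2.78 - - [25/Jul/1998:17:00:12 -0700] '
    '"GET /ping?x=1&query=' + "%61" * 30 + ' HTTP/1.0" 200 0',
]

def overlong_ping_queries(lines, limit=MAX_HOST_LEN):
    """Return (source, raw_length) for each /ping request whose query
    value is longer than `limit` characters as sent on the wire."""
    hits = []
    for line in lines:
        m = _REQ.match(line)
        if not m:
            continue  # not a parsable request line
        url = urlsplit(m.group("target"))
        if url.path != "/ping":
            continue  # /ping.html and other pages are not the handler
        for pair in url.query.split("&"):
            name, _, raw = pair.partition("=")
            # Whether the device counts before or after URL decoding is
            # unknown, so measure the raw value: it is never shorter
            # than the decoded one and cannot under-count.
            if unquote_plus(name) == "query" and len(raw) > limit:
                hits.append((m.group("src"), len(raw)))
    return hits

if __name__ == "__main__":
    for src, length in overlong_ping_queries(SAMPLE_LOG):
        print(f"{src}: /ping query of {length} chars exceeds {MAX_HOST_LEN}")
```

The same length test can be enforced as a reject rule on a filtering proxy, since the limit in /ping.html is applied only by the browser.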
    


